First, lest this sound like a whiny complaint-fest on my part, I would like to start off by publicly thanking everybody who has worked so hard these past couple years to ensure the freedom of iPhone users everywhere. That includes the iPhone Dev Team and all its members and associates (especially MuscleNerd and Saurik who have both taken time to respond to me personally in other contexts in times past), Chronic Dev, Geohot, and so on. You all rock.

Also, Saurik, your blog post on your SHSH database and iTunes restore proxy service was incredibly well-written and informative. Thank you for taking the time to not only explain the issues, but also to do something active about it for the community.

That said, I still have questions. :-)

Although, before that, I first thought of a potential problem with the SHSH proxy server solution that I thought I would raise, although I don't think it is a problem without a solution itself. It occurred to me that Apple, when processing warranty claims, could run the ECID of a phone being returned to them through this publicly-accessible database, and see if there is an ECID SHSH bundle on file with it for versions of the OS other than the most current public release. It's easy to test: try to restore to an earlier version using Saurik's server (or even write an application that simulates a restore to an earlier version for a given ECID, asking Saurik's server for the bundles of a few known-vulnerable-to-jailbreaking past OS releases for that ECID). If they get a hit, they could just as easily deny warranty service to that phone as they could to a phone that arrived still-jailbroken. It would almost be as good as if they got a confession out of you. So I wonder if maybe future versions of the SHSH proxy could have a mechanism introduced to them which would allow you to tell the proxy server to answer requests for your ECID in the negative until you authenticate yourself to it through some other mechanism (a web site where you used a registered username and password?), which would then give you a small (30-minute, say?) window of time to conduct a restore from the same IP address that you authenticated yourself from.

Just a thought!

Anyway, so I am not numbered among those who managed to "accidentally" upgrade their 3GS from 3.0.1 to 3.1, and am not in a state of panic as a result. My phone still works, is still running unlockable baseband firmware, is still happily jailbroken, and I have no desire to upgrade to 3.1 and no pressing need to perform a firmware restore on my phone to solve one software issue or another.

In the interest of being able to preserve this happy state, lest -- Jupiter forbid -- an accident should occur, either by my own stupidity or some unforeseen event outside of my control, I also diligently read about and took all of the precautionary, defensive steps that all of the players involved in the iPhone hacking scene publicly recommended that we as users do, with the reassurance given to us at the time that such actions would be sufficient to protect our freedoms with respect to our phones. This includes, first, grabbing my ra1nyday file from Geohot, and second, grabbing copies of my personally-signed-by-Apple iBSS and iBEC files.

Imagine my surprise, frustration, and confusion when I discovered through Saurik's recent Tweets as well as the aforementioned blog post that this turns out not to be the case. That despite what we were told, somehow having an Apple-signed copy of your own vulnerable iBSS is apparently not enough. That instead, it is complete, signed SHSH "blobs" (whatever they are, and previously unmentioned by anybody else anywhere, as far as I can tell) that are actually the key. That there was only a short weekend of opportunity to grab that key for yourself; that those who didn't happen to think to check Cydia over the weekend preceding Apple's "It's Only Rock and Roll" event are apparently now completely screwed if they ever happen to need or want to conduct a 3.0 restore on their phone. That it sounds like none of the precautions we were assured would be sufficient turned out to be so.

I totally missed Saurik's announcement about the new Cydia version's ability to collect your ECID and then run out and grab 3.0 SHSH's for your phone on your behalf from Apple when it was announced last weekend, otherwise you bet I would have said "okay!" Alas, that small window of time was only open for 3-4 short days, and is now gone.

I'm not blaming anyone. I just want to understand the state of things right now, and what our options are, either now or down the road. Information is seemingly sparse, and the few people who have the knowledge are so busy and swamped that it's hard to get these questions answered (and, trust me, I know what that feels like, and I don't want to burden them further). Saurik's blog post, as well-written as it is, still leaves a few questions unanswered, and perhaps it is this uncertain state of "not knowing" that gnaws at me.

First and foremost, what is an "SHSH blob"? It has yet to be explained what function it serves and why it is needed. I understand what the iBSS is ("iBoot Lite" for DFU, essentially) and how it comes into play for jailbreaking on the 3GS (iBSS has the vulnerability, DFU itself doesn't, or something like that), but neither Saurik's writings nor letmegooglethatforyou.com can shine any light on "SHSH." It's not like I've been slacking off here.

And is there absolutely no way to have your personal SHSH bundle generated based on the signatures that we who were diligent to do so were able to collect? This SHSH collection can truly only come from Apple (who, of course, is not signing for 3.0.x anymore)?

How is it that we all only know about it now? Is there any way that I could have collected my own SHSH bundle when the opportunity was still ripe?

Saurik mentions only collecting 3.0.1 signatures for a very small subset of the 50K ECIDs total that he managed to collect signatures for. In my experience, however, collecting my own iBSS, I found that my signed-by-Apple 3.0 iBSS file was bit-for-bit identical to my 3.0.1 iBSS file, suggesting there was no difference between the signature for 3.0 and that for 3.0.1. So I am confused on this point: is it only the case that the iBSS is the only signature in common between 3.0 and 3.0.1, and that the other components in the complete SHSH "blob" are not the same between 3.0 and 3.0.1? (I guess that would make sense if iBSS code itself did not change between 3.0 and 3.0.1, which it probably didn't, and all components within the "blob," of which iBSS is but a subset, are being signed with something that is based off of your ECID, so that particular file could remain the same while the rest of it might differ.)

Okay, so while writing that last paragraph a light-bulb went on that probably answers some of the questions. If the SHSH collection is a collection of different files needed during the restore process, and iBSS is just one of those files included in the collection, then, yeah, you wouldn't be able to generate signed versions of the other files just with the signed iBSS file. And so Apple would be the only entity who could in fact generate the SHSH bundle. I'm still confused why nobody spoke of this earlier!

For those of us, such as myself, who like 3.0 and are planning on passing on 3.1 entirely even if someone manages to find a way to jailbreak it on the 3GS, are we out of luck if we ever need to do a firmware restore because we missed the opportunity to grab all of the files that Apple's server signed instead of just the iBSS? What options exist if I need to restore my phone?

Thanks for taking the time to read my insane ramblings. I know that I'm really a nobody when it comes down to it, and that there is no reason why my questions should be taken any more seriously than anybody else's, or that they are of a higher priority than anyone else's. I truly have no sense of entitlement to these answers, and I hope that the way in which I have phrased them did not come across otherwise.

But as Saurik himself said in the introduction to his blog post, "I find it much less powerful to say 'do this' than 'do this, here is how it works, and this is why', because the former just causes more confusion and more problems down the road." I totally agree with this, and it is in this same spirit that I present these questions, in the hope that their answers will illuminate the situation we find ourselves in and reduce the chances for confusion and future problems down the road.
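The gating mechanism proposed in the post above (answer ECID lookups in the negative until the owner authenticates, then allow a short restore window only from the IP that authenticated) as a runnable model. This is an added example, not code from saurik's service, Cydia, or any tool mentioned in this thread, and the thread does not say whether the real service ever added such a gate. The class and method names, the PBKDF2 password hashing, and the sample ECID and blob contents are assumptions made for the example.

```python
import hashlib
import hmac
import os
import time
from dataclasses import dataclass, field
from typing import Dict, Optional, Set, Tuple

# Parameters taken from the proposal above: a 30-minute window bound to the
# authenticating IP. Both are assumptions about how such a gate would be tuned.
WINDOW_SECONDS = 30 * 60
PBKDF2_ROUNDS = 100_000


@dataclass
class Account:
    salt: bytes
    pw_hash: bytes
    ecids: Set[int] = field(default_factory=set)   # ECIDs this login may unlock


def _hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)


class GatedBlobProxy:
    """Model of an ECID/SHSH cache that denies by default.

    lookup() returns None both when nothing is on file and when the caller has
    not opened a window, so a third party probing an ECID (the warranty-desk
    scenario) gets the same answer either way.
    """

    def __init__(self) -> None:
        self.blobs: Dict[Tuple[int, str], bytes] = {}      # (ecid, version) -> blob
        self.accounts: Dict[str, Account] = {}
        self.windows: Dict[int, Tuple[str, float]] = {}    # ecid -> (ip, expiry)

    def store(self, ecid: int, version: str, blob: bytes) -> None:
        self.blobs[(ecid, version)] = blob

    def register(self, user: str, password: str, ecid: int) -> None:
        acct = self.accounts.get(user)
        if acct is None:
            salt = os.urandom(16)
            acct = self.accounts[user] = Account(salt, _hash_password(password, salt))
        acct.ecids.add(ecid)

    def unlock(self, user: str, password: str, ecid: int, ip: str,
               now: Optional[float] = None) -> bool:
        """Authenticate and open a window for one ECID from one source IP."""
        acct = self.accounts.get(user)
        if acct is None:
            return False
        if not hmac.compare_digest(acct.pw_hash, _hash_password(password, acct.salt)):
            return False
        if ecid not in acct.ecids:
            return False
        now = time.time() if now is None else now
        self.windows[ecid] = (ip, now + WINDOW_SECONDS)
        return True

    def lookup(self, ecid: int, version: str, ip: str,
               now: Optional[float] = None) -> Optional[bytes]:
        """Serve the blob only inside an open window from the same IP; otherwise 'no record'."""
        now = time.time() if now is None else now
        window = self.windows.get(ecid)
        if window is None or window[0] != ip or now >= window[1]:
            return None
        return self.blobs.get((ecid, version))


# Constructed sample data (not a real ECID and not a real blob).
DEMO_ECID = 0x000012345678ABCD
DEMO_BLOB = b"<constructed 3.0 blob for the demo ECID>"


def demo() -> Dict[str, object]:
    """Walk through the scenario with a fixed clock; returns each probe's answer."""
    proxy = GatedBlobProxy()
    proxy.store(DEMO_ECID, "3.0", DEMO_BLOB)
    proxy.register("nathan", "correct horse battery staple", DEMO_ECID)
    t0 = 1_252_800_000.0
    r: Dict[str, object] = {}
    r["probe_before_unlock"] = proxy.lookup(DEMO_ECID, "3.0", "203.0.113.9", t0)
    r["probe_unknown_ecid"] = proxy.lookup(0xDEADBEEF, "3.0", "203.0.113.9", t0)
    r["wrong_password_opens_window"] = proxy.unlock("nathan", "wrong", DEMO_ECID, "198.51.100.7", t0)
    r["unlock_ok"] = proxy.unlock("nathan", "correct horse battery staple", DEMO_ECID, "198.51.100.7", t0)
    r["restore_same_ip"] = proxy.lookup(DEMO_ECID, "3.0", "198.51.100.7", t0 + 60)
    r["restore_other_ip"] = proxy.lookup(DEMO_ECID, "3.0", "203.0.113.9", t0 + 60)
    r["restore_after_window"] = proxy.lookup(DEMO_ECID, "3.0", "198.51.100.7", t0 + WINDOW_SECONDS + 1)
    return r


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, "->", value)
```

The property that matters is that an unauthenticated lookup for an ECID with a blob on file and a lookup for an ECID the server has never seen are indistinguishable. The caveat is that the gate only changes what the server hands out: the server still holds the login-to-ECID linkage and the blobs themselves, so it does nothing about the data-retention concern raised later in the thread, and a phone whose blobs were never captured gains nothing from it.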

Originally Posted by NathanA

It occurred to me that Apple, when processing warranty claims, could run the ECID of a phone being returned to them through this publicly-accessible database, and see if there is an ECID SHSH bundle on file with it for versions of the OS other than the most current public release.

Everyone, even people who are not jailbreaking, should use my ECID SHSH caching service. Using this caching service does not mean you are jailbreaking your device, and nothing about it voids your warranty AFAIK.

Originally Posted by NathanA

Imagine my surprise, frustration, and confusion when I discovered through Saurik's recent Tweets as well as the aforementioned blog post that this turns out not to be the case. That despite what we were told, somehow having an Apple-signed copy of your own vulnerable iBSS is apparently not enough. That instead, it is complete, signed SHSH "blobs" (whatever they are, and previously unmentioned by anybody else anywhere, as far as I can tell) that are actually the key. That there was only a short weekend of opportunity to grab that key for yourself; that those who didn't happen to think to check Cydia over the weekend preceding Apple's "It's Only Rock and Roll" event are apparently now completely screwed if they ever happen to need or want to conduct a 3.0 restore on their phone. That it sounds like none of the precautions we were assured would be sufficient turned out to be so.

I totally missed Saurik's announcement about the new Cydia version's ability to collect your ECID and then run out and grab 3.0 SHSH's for your phone on your behalf from Apple when it was announced last weekend, otherwise you bet I would have said "okay!" Alas, that small window of time was only open for 3-4 short days, and is now gone.

Technically all you need is the iBSS. However, someone needs to write a tool that uses this as input. Currently there is no motivation to, as it is my understanding that 3.1 has an exploit in it, so people are concentrating right now on a more normal jailbreak tool.

Originally Posted by NathanA

I'm not blaming anyone. I just want to understand the state of things right now, and what our options are, either now or down the road. Information is seemingly sparse, and the few people who have the knowledge are so busy and swamped that it's hard to get these questions answered (and, trust me, I know what that feels like, and I don't want to burden them further). Saurik's blog post, as well-written as it is, still leaves a few questions unanswered, and perhaps it is this state of "not knowing" that gnaws at me.

You should get a 3.1 signature when the service comes back online in Cydia tonight. It is my understanding that the 3.1 firmware has been exploited, and that you will see an exploit at some point in the as yet undetermined future, probably from ChronicDev. While the window on 3.0 is closed, it doesn't really matter: 3.1 is the last great stand.

Originally Posted by NathanA

First and foremost, what is an "SHSH blob"? It has yet to be explained what function it serves and why it is needed. I understand what the iBSS is ("iBoot Lite" for DFU, essentially) and how it comes into play for jailbreaking on the 3GS (iBSS has the vulnerability, DFU itself doesn't, or something like that), but neither Saurik's writings nor letmegooglethatforyou.com can shine any light on "SHSH." It's not like I've been slacking off here.

The "blob" contains the ECID, SHSH, and CERT. The iBSS is one of the firmware files that contains critical startup code. It is in the form of an IMG3 file. The IMG3 file is modified using the blob from Apple's server to include the ECID, SHSH, and CERT sections and is then considered "personalized".

purplera1n.com stores an ECID and an SHSH for iBSS (the CERT is always the same, so you don't need to store it).

Capturing the iBSS from the personalized firmware happens to give you all three sections for that file, as they are what personalized it.

Cydia's "on file" stores blobs for /all/ files in the firmware, including the iBSS. This includes the ramdisk and other filesystems.

Originally Posted by NathanA

And is there absolutely no way to have your personal SHSH bundle generated based on the signatures that we who were diligent to do so were able to collect? This SHSH collection can truly only come from Apple (who, of course, is not signing for 3.0.x anymore)?

Due to the wonders of encryption technology, you either need a super computer or a thief in order to generate these files.

Originally Posted by NathanA

How is it that we all only know about it now? Is there any way that I could have collected my own SHSH bundle when the opportunity was still ripe?

What could have copied the /entire/ personalized firmware directories (getting all of the files in them), not just the iBSS and iBEC files.

Originally Posted by NathanA

Saurik mentions only collecting 3.0.1 signatures for a very small subset of the 50K ECIDs total that he managed to collect signatures for. In my experience, however, collecting my own iBSS, I found that my signed-by-Apple 3.0 iBSS file was bit-for-bit identical to my 3.0.1 iBSS file, suggesting there was no difference between the signature for 3.0 and that for 3.0.1. So I am confused on this point: is it only the case that the iBSS is the only signature in common between 3.0 and 3.0.1, and that the other components in the complete SHSH "blob" are not the same between 3.0 and 3.0.1?

Correct, the iBSS is the same from 3.0 to 3.0.1. The filesystem, though, is an example of a file that is not. Not all of the files are identical between the two firmwares.

Originally Posted by NathanA

For those of us, such as myself, who like 3.0 and are planning on passing on 3.1 entirely even if someone manages to find a way to jailbreak it on the 3GS, are we out of luck if we ever need to do a firmware restore because we missed the opportunity to grab all of the files that Apple's server signed instead of just the iBSS? What options exist if I need to restore my phone?

Unfortunately, that may be the case. The question is going to be whether or not PwnageTool allows you to do a downgrade from a jailbroken 3.1 to a jailbroken 3.0. (PwnageTool generates custom firmwares that can be installed on any jailbroken version of the firmware, and will be able to help people upgrade from a jailbroken 3.0 to 3.1, and in the future probably 3.1 to anything else.)

Saurik, you are truly a gentleman. Thank you very much for taking the time to respond.

Originally Posted by saurik

Everyone, even people who are not jailbreaking, should use my ECID SHSH caching service. Using this caching service does not mean you are jailbreaking your device, and nothing about it voids your warranty AFAIK.

That is a valid point (although Apple could argue that people are unlikely to know of the existence of your service through any channels other than the ones offering information on jailbreaking). However, Apple is the one who sets the terms of their own warranty...if they wanted to deny coverage based on the fact that they found your servers offering up copies of copyrighted Apple IP that can be tied to, say, my particular phone, they can probably get away with it. They don't have to say that it is because they think it is evidence of jailbreaking (although that is originally what I was thinking). Now, in all likelihood, they probably won't do that, at least for this particular model where the warranty terms have already been spelled out. But I am not so sure I would rule it out completely, especially for future phones down the road...and isn't it better to be safe than sorry? (Though my experience today over this SHSH issue is that you can have plenty of the former, and still end up with lots of the latter.)

Originally Posted by saurik

Technically all you need is the iBSS. However, someone needs to write a tool that uses this as input. Currently there is no motivation to, as it is my understanding that 3.1 has an exploit in it, so people are concentrating right now on a more normal jailbreak tool. [...] The question is going to be whether or not PwnageTool allows you to do a downgrade from a jailbroken 3.1 to a jailbroken 3.0. (PwnageTool generates custom firmwares that can be installed on any jailbroken version of the firmware, and will be able to help people upgrade from a jailbroken 3.0 to 3.1, and in the future probably 3.1 to anything else.)

Right, I'm aware of what PwnageTool is; I've had a 3G since 3G release day last year. Issue is, the things I've been reading about 3.1 aren't all that flattering. First, I'd like to hold out until a solution to the tethering block is discovered. Second, lots of people have been having issues with sudden extremely poor battery performance and constant lock-ups multiple times daily. 3.1 has no compelling features for me, so until/unless there is better news, I was hoping to stick with 3.0 on my month-old 3GS, which works just fine. But now because there is no downgrade path, I'm afraid to so much as update packages in Cydia for fear I may end up bricking the darn thing, which means I am now less "free" than I used to be to do what I want with my own phone.

Originally Posted by saurik

The "blob" contains the ECID, SHSH, and CERT. The iBSS is one of the firmware files that contains critical startup code. It is in the form of an IMG3 file. The IMG3 file is modified using the blob from Apple's server to include the ECID, SHSH, and CERT sections and is then considered "personalized". [...snip...] Cydia's "on file" stores blobs for /all/ files in the firmware, including the iBSS. This includes the ramdisk and other filesystems.

Okay, I think part of the problem is simply that I don't have a good familiarity with the IMG3 format nor am I a cryptography expert, so let me see if I understand you correctly: the master "blob" generated from your unique ECID by Apple's servers is applied to all IMG3-format components within the firmware IPSW (ZIP) file (which I'm guessing excludes the main/root filesystem image, which probably isn't even IMG3 anyway...surely you aren't dedicating nearly 300MB of space on your end per ECID...), and what is new w/ 3GS is that iBSS (bootstrap, in the case of bootrom DFU) or iBEC (in the case of recovery mode/native iBoot) and the installation ramdisk image have to be branded with this "blob" (which has to match phone's unique ECID) in order for bootrom sigchecking to pass.

...okay, now I see on iphonewiki that an ECID tag has been added to IMG3 and that SHSH is also actually an IMG3 tag. I think this helps me understand a little better, but I'm still confused because...

...due to the wonders of encryption technology, you either need a super computer or a thief in order to generate these files...

...it is unclear to me whether the SHSH tag is static across all personalized IMG3s that Apple generates for you (since you say the master "blob" contains the SHSH...) and the issue is encrypting the IMG3 contents to match, or whether the issue is computing and then encrypting/signing the SHSH correctly for each IMG3.

Originally Posted by saurik

What could have copied the /entire/ personalized firmware directories (getting all of the files in them), not just the iBSS and iBEC files.

Not sure if you are asking a question here, or making a statement...I'm assuming that if you can write something that is able to do so on your server, then someone could have also written something that would allow someone to capture the necessary files on their own computer. But then again, I'm ***-uming, so...

Originally Posted by saurik

While the window on 3.0 is closed, it doesn't really matter: 3.1 is the last great stand.

Unless you don't want to run it. I guess I will just have to take a wait-and-see approach. Hopefully the reports of its bugginess are greatly exaggerated, and someone can manage to enable tethering again once it's been JB'd.

This situation really pisses me off, but as always you guys sound like you are trying to make the best of it. And usually, you manage to succeed. Thanks again for all your hard work.

Originally Posted by NathanA

...it is unclear to me whether the SHSH tag is static across all personalized IMG3s that Apple generates for you (since you say the master "blob" contains the SHSH...) and the issue is encrypting the IMG3 contents to match, or whether the issue is computing and then encrypting/signing the SHSH correctly for each IMG3.

There is no "master blob": there is one "blob" per img3 file.

Originally Posted by NathanA

Not sure if you are asking a question here, or making a statement...I'm assuming that if you can write something that is able to do so on your server, then someone could have also written something that would allow someone to capture the necessary files on their own computer. But then again, I'm ***-uming, so... :)

That is correct. This is the first notice you have gotten from me about what is useful. Previous notices came from other people with other agendas (and other abilities: I, for example, would have to learn quite a bit to write a tool that uses those purplera1ny files or just an iBSS, so I had to find something simpler).
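To make saurik's description concrete (the "blob" is the ECID, SHSH and CERT sections appended to a stock IMG3 to personalize it, and there is one such blob per IMG3 rather than a master blob), here is an added example that is not code from this thread, from Cydia, from purplera1n or from any restore tool. It follows the publicly documented IMG3 layout (20-byte header of magic, fullSize, sizeNoPack, sigCheckArea, ident; then tags of magic, totalLength, dataLength, payload). The sample iBSS, ECID and blob contents are constructed placeholders, and the SHSH signature is parsed but not cryptographically verified.

```python
import struct
from typing import Dict, List, Tuple

# IMG3 container, as publicly documented (iphonewiki). Four-character codes are
# stored as little-endian uint32, so 'Img3' appears on disk as b'3gmI' and
# 'ECID' as b'DICE'.
HEADER = struct.Struct("<4sIII4s")          # magic, fullSize, sizeNoPack, sigCheckArea, ident
TAG_HDR = struct.Struct("<4sII")            # magic, totalLength, dataLength
BLOB_TAGS = ("ECID", "SHSH", "CERT")        # the three sections a TSS response supplies per file


def fourcc(name: str) -> bytes:
    """On-disk form of a four-character code."""
    return name.encode("ascii")[::-1]


def build_tag(name: str, data: bytes) -> bytes:
    """Serialize one tag, padding the payload to a 4-byte boundary."""
    body = data + b"\0" * ((-len(data)) % 4)
    return TAG_HDR.pack(fourcc(name), TAG_HDR.size + len(body), len(data)) + body


def build_img3(ident: str, tags: List[Tuple[str, bytes]]) -> bytes:
    """Assemble an IMG3 from an ident and ordered tags, filling in the size fields.

    sigCheckArea is set to the length of the tags preceding SHSH (following the
    public description; treated as an assumption here). With no SHSH present it
    spans the whole tag area.
    """
    body = b"".join(build_tag(n, d) for n, d in tags)
    sig_area = 0
    for n, d in tags:
        if n == "SHSH":
            break
        sig_area += len(build_tag(n, d))
    return HEADER.pack(fourcc("Img3"), HEADER.size + len(body), len(body),
                       sig_area, fourcc(ident)) + body


def parse_img3(blob: bytes) -> Tuple[str, int, List[Tuple[str, bytes]]]:
    """Return (ident, sigCheckArea, [(tag, data), ...]), rejecting inconsistent lengths."""
    if len(blob) < HEADER.size:
        raise ValueError("truncated IMG3 header")
    magic, full_size, size_no_pack, sig_area, ident = HEADER.unpack_from(blob, 0)
    if magic != fourcc("Img3"):
        raise ValueError("bad IMG3 magic %r" % magic)
    if full_size != len(blob) or size_no_pack != len(blob) - HEADER.size:
        raise ValueError("IMG3 size fields disagree with file length")
    tags: List[Tuple[str, bytes]] = []
    off = HEADER.size
    while off < len(blob):
        if off + TAG_HDR.size > len(blob):
            raise ValueError("truncated tag header at offset 0x%x" % off)
        tmagic, total_len, data_len = TAG_HDR.unpack_from(blob, off)
        if (total_len < TAG_HDR.size or off + total_len > len(blob)
                or data_len > total_len - TAG_HDR.size):
            raise ValueError("malformed tag at offset 0x%x" % off)
        start = off + TAG_HDR.size
        tags.append((tmagic[::-1].decode("ascii", "replace"), blob[start:start + data_len]))
        off += total_len
    return ident[::-1].decode("ascii", "replace"), sig_area, tags


def is_personalized(blob: bytes) -> bool:
    names = {n for n, _ in parse_img3(blob)[2]}
    return all(t in names for t in BLOB_TAGS)


def extract_blob(blob: bytes) -> Dict[str, bytes]:
    """The per-file blob: only the ECID, SHSH and CERT sections of a personalized IMG3."""
    tags = dict(parse_img3(blob)[2])   # duplicate tags (e.g. two KBAGs) collapse; fine for these three
    missing = [t for t in BLOB_TAGS if t not in tags]
    if missing:
        raise ValueError("not personalized, missing " + ", ".join(missing))
    return {t: tags[t] for t in BLOB_TAGS}


def personalize(stock: bytes, apple_blob: Dict[str, bytes], device_ecid: int) -> bytes:
    """Append a blob's ECID/SHSH/CERT to a stock IMG3, refusing a blob issued for another ECID.

    The signature (SHSH) is not verified here. It is what ties a blob to one
    specific file's contents, which is why a blob for the iBSS cannot stand in
    for the ramdisk's or any other IMG3's.
    """
    blob_ecid = struct.unpack("<Q", apple_blob["ECID"])[0]
    if blob_ecid != device_ecid:
        raise ValueError("blob is for ECID %016X, device is %016X" % (blob_ecid, device_ecid))
    ident, _, tags = parse_img3(stock)
    tags = [(n, d) for n, d in tags if n not in BLOB_TAGS]   # drop any stale personalization
    tags += [(t, apple_blob[t]) for t in BLOB_TAGS]
    return build_img3(ident, tags)


# Constructed sample: a fake 'ibss' image and a fake TSS blob for a fake ECID.
DEMO_ECID = 0x000012345678ABCD
STOCK_IBSS = build_img3("ibss", [
    ("VERS", b"iBoot-constructed"),
    ("TYPE", fourcc("ibss")),
    ("DATA", bytes(range(32))),
    ("KBAG", bytes(48)),
])
DEMO_BLOB = {
    "ECID": struct.pack("<Q", DEMO_ECID),
    "SHSH": bytes(128),                 # placeholder for the signature bytes
    "CERT": b"placeholder-cert-chain",
}

if __name__ == "__main__":
    signed = personalize(STOCK_IBSS, DEMO_BLOB, DEMO_ECID)
    print("stock personalized?", is_personalized(STOCK_IBSS))
    print("after blob:", is_personalized(signed), [n for n, _ in parse_img3(signed)[2]])
    print("blob sections:", sorted(extract_blob(signed)))
```

Run against a real personalized iBSS captured from a restore, parse_img3 lists its tags and extract_blob pulls out exactly the three sections that purplera1n or Cydia would have stored for that one file; run against a stock file from an IPSW it reports the file as not personalized. The ECID check in personalize is the cheap half of what the bootrom enforces; the expensive half, checking SHSH against CERT, is what makes the blob impossible to forge without Apple's key.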

The idea of tracking my ECID SHSH on a 3rd party server is somewhat discomforting. My imagination runs rampant with the various ways in which this information might be used against me in the future. Be it in the form of legal claims, denial of phone and/or warranty services, or malicious use of the data.

Granted, the above scenarios are unlikely given the context of usage. But then again, I am sure there's an army of [pick a word] figuring out ways to combat the freedoms we seek. In terms of malicious use of the data, in no way do I think the great contributors to the iPhone freedom movement would have such nefarious objectives. Unfortunately, the less honorable among us might have different ideas in mind. It seems plausible to me that somehow this information could be detrimental. If not now, perhaps in future releases.

That said, unless I have missed this, I would love to see the "caching service" made available in some form to enable for local capture of the ECID SHSH. 127.0.0.1 go.apple.com....

On the horizon perhaps?

Cheers

Originally Posted by NathanA

Not sure if you are asking a question here, or making a statement...I'm assuming that if you can write something that is able to do so on your server, then someone could have also written something that would allow someone to capture the necessary files on their own computer. But then again, I'm ***-uming, so...

Originally Posted by saurik

That is correct. This is the first notice you have gotten from me about what is useful. Previous notices came from other people with other agendas (and other abilities: I, for example, would have to learn quite a bit to write a tool that uses those purplera1ny files or just an iBSS, so I had to find something simpler).

Just noticed this reply cross mine. Nonetheless, my question remains open to general community on locally capturing the hashes. It would seem easy to do with a local proxy. TIA..